package com.eso.haBank.controller

import org.apache.commons.lang.StringUtils
import com.eso.haBank.domain.Employee
import com.eso.project.utils.Utils
import com.eso.frame.utils.SecurityUtils

import com.eso.frame.AppConstant

class AuthController {

    def index = {
        redirect(action: "login", params: params);
    }

    //跳转到登录界面
    def login = {
        if (session[AppConstant.SESSION.USER])
            redirect(controller: "home", action: "index");
    }

    //用户登录鉴权
    def authenticate = {

        nocache response

        withForm {//正确的请求
            def userId = StringUtils.trim(params?.userId);
            def userPwd = StringUtils.trim(params?.userPwd);

            def userInfo = null;

            if (Utils.isSuper(userId)) {//超级系统管理员
                userInfo = Utils.initSuperUser();
            } else {
                //根据查询语句查询用户信息
                userInfo = Employee.findByUserId(userId);
            }

            //判断
            if (!userInfo) {
                flash.message = "${message(code: 'appLogin.result.failure.haveNoThisUser')}";
                render(view: "login", model: [params]);
            } else {
                if (AppConstant.VALID_STATUS != userInfo.userStatus) {
                    flash.message = "${message(code: 'appLogin.result.failure.invalidStatus')}";
                    return render(view: "login", model: [params]);
                }
                //比较密码
                String userInputPwd = SecurityUtils.getMD5String(userId + userPwd);
                if (!userInfo.userPwd.equals(userInputPwd)) {
                    flash.message = "${message(code: 'appLogin.result.failure.wrongPwd')}";
                    return render(view: "login", model: [params]);
                }

                session[AppConstant.SESSION.USER] = userInfo;

                log.info("Employee($userInfo.userId) login the system sucessfully");

                //跳转系统管理首页
                def goController = 'home', goAction = 'index', goParams = [:];
                def originalRequestParams = session?.originalRequestParams;

                if (originalRequestParams) {
                    goController = originalRequestParams.controller;
                    goAction = originalRequestParams.action;
                    goParams = originalRequestParams.params;
                }
                redirect(controller: goController, action: goAction, params: goParams);
            }
        }.invalidToken {//重复请求
            flash.message = "${message(code: 'appLogin.result.failure.invalidToken')}";
            redirect(action: 'login', params: params);
        }
    }

    //用户退出
    def logout = {
        log.info("Employee logout the system sucessfully");
        try {
            session.removeAttribute(AppConstant.SESSION.USER);
            session.invalidate();
            return render(view: 'logout');
        } catch (Exception e){
            return redirect(controller: 'auth', action: 'login')
        }
    }

    /** cache controls */
    private void nocache(response) {
        response.setHeader('Cache-Control', 'no-cache') // HTTP 1.1
        response.addDateHeader('Expires', 0)
        response.setDateHeader('max-age', 0)
        response.setIntHeader('Expires', -1) //prevents caching at the proxy server
        response.addHeader('cache-Control', 'private') //IE5.x only
    }
}
